And last, but not least: ssh { root-login deny; protocol-version v2; rate-limit 3; }
Rate limit it in the [system services] stanza. 3 unsuccessful tries and the IP is ignored. - Chris. P.S. the 'ssh' services port is defined in /etc/services. Unsure if you adjust the line, that it may move the listening port. Might be worth a try; but naturally this would be a Juniper-unsupported configuration and will probably be overwritten on a software upgrade. It may also affect your firewall filters in the [from] stanza. YMMV. chrisk@fw02.miller> start shell % grep ssh /etc/services ssh 22/tcp #Secure Shell Login ssh 22/udp #Secure Shell Login On 2011-04-02, at 11:23 AM, Jesus Alvarez wrote: > Hi, > > Is there a way to change the SSH port for managing the EX switches and M > routers? We normally avoid using the standard port 22. > > Thanks! > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp